lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <000601d3fb9c$2bea1f30$83be5d90$@toshiba.co.jp>
Date:   Mon, 4 Jun 2018 09:37:09 +0900
From:   "Daniel Sangorrin" <daniel.sangorrin@...hiba.co.jp>
To:     "'Naresh Kamboju'" <naresh.kamboju@...aro.org>
Cc:     "'Greg Kroah-Hartman'" <gregkh@...uxfoundation.org>,
        "'open list'" <linux-kernel@...r.kernel.org>,
        "'linux- stable'" <stable@...r.kernel.org>,
        "'Davidlohr Bueso'" <dbueso@...e.de>,
        "'Joe Lawrence'" <joe.lawrence@...hat.com>,
        "'Andrea Arcangeli'" <aarcange@...hat.com>,
        "'Manfred Spraul'" <manfred@...orfullife.com>,
        "'Andrew Morton'" <akpm@...ux-foundation.org>,
        "'Linus Torvalds'" <torvalds@...ux-foundation.org>
Subject: RE: [PATCH 4.4 011/268] Revert "ipc/shm: Fix shmat mmap nil-page protection"

> -----Original Message-----
> From: Naresh Kamboju [mailto:naresh.kamboju@...aro.org]
> Sent: Friday, June 1, 2018 12:55 AM
> To: Daniel Sangorrin <daniel.sangorrin@...hiba.co.jp>
> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>; open list
> <linux-kernel@...r.kernel.org>; linux- stable <stable@...r.kernel.org>;
> Davidlohr Bueso <dbueso@...e.de>; Joe Lawrence <joe.lawrence@...hat.com>;
> Andrea Arcangeli <aarcange@...hat.com>; Manfred Spraul
> <manfred@...orfullife.com>; Andrew Morton <akpm@...ux-foundation.org>;
> Linus Torvalds <torvalds@...ux-foundation.org>
> Subject: Re: [PATCH 4.4 011/268] Revert "ipc/shm: Fix shmat mmap nil-page
> protection"
> 
> On 31 May 2018 at 13:06, Daniel Sangorrin
> <daniel.sangorrin@...hiba.co.jp> wrote:
> >> -----Original Message-----
> >> From: 'Greg Kroah-Hartman' [mailto:gregkh@...uxfoundation.org]
> > ..
> >> Thanks for letting us know, but this was reported already.  See the
> >> emails on lkml with the subject:
> >>       Subject: Re: [PATCH 4.16 000/272] 4.16.13-stable review
> >> from Davidlohr Bueso
> >>       Message-ID: <20180528213039.yy2madue67njkmw5@...ux-n805>
> >>
> >> where he discusses that the LTP test is incorrect and that the kernel
> >> change is correct and that LTP is going to be fixed because of this.
> 
> My two cents,
> If you are referring to cve-2017-5669.c
> LTP test case is been fixed few hours ago by Rafael Tinoco,
> 
> - shm_addr = shmat(shm_id, ((void *)1), SHM_RND);
> + shm_addr = shmat(shm_id, ((void *)1), SHM_RND | SHM_REMAP);
> 
> LTP patch pull request and it is been merged.
> https://github.com/linux-test-project/ltp/pull/324

Thanks a lot Naresh.
I confirmed that the latest LTP cve-2017-5669 now PASSes.

Thanks,
Daniel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ